Open Access, Posted Content

Augmented Secure Channels and the Goal of the TLS 1.3 Record Layer.

TL;DR
In this paper, the authors propose an augmented secure channel (ASC) that allows a sender to send a receiver messages consisting of two parts, where one is privacy-protected and both are authenticity-protected.
Abstract
Motivated by the wide adoption of authenticated encryption and TLS, we suggest a basic channel abstraction, an augmented secure channel (ASC), that allows a sender to send a receiver messages consisting of two parts, where one is privacy-protected and both are authenticity-protected. Working in the tradition of constructive cryptography, we formalize this idea and provide a construction of this kind of channel using the lower-level tool of authenticated encryption. We look at recent proposals on TLS 1.3 and suggest that the criterion by which their security can be judged is quite simple: do they construct an ASC? Due to this precisely defined goal, we are able to give a natural construction that comes with a rigorous security proof and directly leads to a proposal on TLS 1.3 that is provably secure.


Citations
Journal Article

A provable-security treatment of the key-wrap problem

TL;DR: It is suggested that key-wrap's goal is security in the sense of deterministic authenticated-encryption (DAE), and it is shown that a DAE scheme with a vector-valued header, such as SIV, directly realizes this goal.
Proceedings ArticleDOI

Implementing and Proving the TLS 1.3 Record Layer

TL;DR: The TLS record layer is the main bridge between TLS applications and internal sub-protocols as mentioned in this paper, and the TLS 1.3 record layer has been shown to be provably secure.
Dissertation

Secure Tunnels for Constrained Environments

TL;DR: In this article, the authors present new key-exchange protocols between two and three parties, and describe security models that capture their properties and allow them to be analysed.
Journal Article

A Framework for Universally Composable Diffie-Hellman Key Exchange.

TL;DR: An ideal functionality in the universal composability setting is provided which supports several common cryptographic primitives, including DH key exchange, and a new general ideal key exchange functionality which allows higher-level protocols to use exchanged keys in an ideal way.
Posted Content

IoT-Friendly AKE: Forward Secrecy and Session Resumption Meet Symmetric-Key Cryptography.

TL;DR: This work describes a 3-party authenticated key exchange protocol solely based on symmetric-key functions (regarding the computations done between the end-device and the back-end network) which guarantees forward secrecy.
References
Proceedings ArticleDOI

Universally composable security: a new paradigm for cryptographic protocols

TL;DR: The notion of universally composable security was introduced in this paper for defining security of cryptographic protocols, which guarantees security even when a secure protocol is composed of an arbitrary set of protocols, or more generally when the protocol is used as a component of a system.
Book ChapterDOI

Authenticated Encryption: Relations among Notions and Analysis of the Generic Composition Paradigm

TL;DR: This work analyzes the security of authenticated encryption schemes designed by "generic composition," meaning making black-box use of a given symmetric encryption scheme and a given MAC, and indicates whether or not the resulting scheme meets the notion in question assuming the given symmetric encryption scheme is secure against chosen-plaintext attack and the given MAC is unforgeable under chosen-message attack.

Analysis of the SSL 3.0 protocol

TL;DR: A number of minor flaws in the protocol and several new active attacks on SSL are presented; however, these can be easily corrected without overhauling the basic structure of the protocol.
Proceedings ArticleDOI

Authenticated-encryption with associated-data

TL;DR: This paper formalizes and investigates the authenticated-encryption with associated-data (AEAD) problem, and studies two simple ways to turn an authenticated-encryption scheme that does not support associated data into one that does: nonce stealing and ciphertext translation.
Proceedings ArticleDOI

A model for asynchronous reactive systems and its application to secure message transmission

TL;DR: In this article, the authors present a rigorous model for secure reactive systems in asynchronous networks with a sound cryptographic semantics, supporting abstract specifications and the composition of secure systems, which is essential in bridging the gap between the rigorous proof techniques of cryptography and tool-supported formal proof techniques.